This KB article shows steps how to set up SSO SAML with IDP Identity provider 'MiniOrange'.


1 - Create an account with IDP MiniOrange (version tested June 2018)



Refer to the account creation details as shown.


2 - Login with your new account user name


2.1 - Display users

Click on 'Users' in left menu


 2.2 - Verify that you can see your new current user name

Note that it is possible to add new users, either manually or else they can be imported, synchronized.



3 - Create an application


3.1 Click on 'Apps', 'Manage App'



3.2 Click on 'Configure App' button 



3.3 Select 'Custom App' with the mouse

3.4  Click on 'Add App' button


3.5 Fill in fields


- Custom Application Name : type any name/string 

- *SP Entity ID or Issuer : https://xxxxx.service-now.com

- *ACS URL : https://xxxxx.service-now.com/navpage.do

- Single Logout URL : https://xxxxx.service-now.com/external_logout_complete.do

- Name ID : username

- Group Name : select DEFAULT

- *Policy Name : type any name/string

- *First Factor Type : select PASSWORD


3.6 Click on 'Save' 


3.7 Click on 'Apps', 'Manage App'  (same as 3.1)

This will show the following list view of applications.



3.8 Click on Metadata and save the file.


4 - Configure MiniOrange settings into Servicenow Identity Provider


4.1 Create a new Identity Provider in Servicenow


  • In the Filter navigator, type keyword 'multi'


  • Click on  Identity Provider.
  • Click on button 'new'.

  • Click on SAML

4.2 Configure Identity Provider in Servicenow


  • Next, a prompt to import Identity Provider Metadata comes up as follows

  • Open up the file saved in step 3.8 and copy paste the XML text in the box.
  • Click on Import


The following IDP form will show with all values pre-filled, and the certificate will automatically be imported as well.

Note that it is also possible to manually fill in all those values and the certificates can be manually created based on the step 3.8 above.

  • Click on the 'Test Connection' button in the IDP form above


  • Enter MiniOrange user name and password as created in step 1



  • Once authenticated, the following result is shown at which stage it becomes possible to validate and save the new IDP

Note that it may be required to temporarily remove the URL logout to get this test to work.



  • Click on  "Set as Auto Redirect IdP"



 5- Enable SSO in Servicenow


  • In the Filter navigator, type keyword 'multi'
  • Click on properties
  • Select "Enable multiple provider SSO"





Article Information

Last Updated:2018-08-03 08:31:46